How I almost lost it all

I’ve had this post draft saved in my control panel for nearly a year and I decided it was time to share my story about how I nearly lost all of my domains. This is a longer-than-average post for me; however, for anyone that is concerned about having their domain names stolen (everyone should be!) I highly recommend you continue reading this post. Now for those of you that may have missed my post about how to save money on private domain name registration, be sure to check that out as well.

The Story Begins

The story begins with some drama that started on one of my video game forums. Apparently some of the members from one of my forums had been going over to this other Halo forum and posting about how much their forum sucked and how much better mine was. Now of course this is stupid behavior (typical of younger gamers) and something I knew nothing about until I received a chilling voice mail.

The Plot Thickens

I still remember this moment vividly – I had just arrived at a Seattle Sounders game to watch my friend play and as I sat down in my seat I checked a message that I received after missing a call from an unknown number. It was some guy that ranted on about how I better f***ing control my people or else there would be problems. He also mentioned that he would take my f***ing domains. At the time I thought it was just some idiot playing a prank until I got home and tried to log into my GoDaddy account. The jerk was not bluffing and he did in fact already have control of my account and was able to change the admin password! I was able to phone GoDaddy support and provide enough info to regain control of my account. So now who was this jerk that left a hate-filled message full of expletives? It was the admin’s friend from the other Halo forum where some of my members were posting about how lame their community was etc. etc.

Apparently the friend of this admin never told him to do anything; he just mentioned that some people from my video game forum were on his site stirring up trouble. This jerk took it upon himself to try and steal my domains rather than discuss the issue with me first.

I was able to call the other forum owner and found out who this jerk was. After I explained that I had no idea this behavior was going on, I then asked them for the members’ IP addresses so I could ban them from my site as well. They could tell I was truly trying my best to patch things up.

How He Did It

Now after I was able to clear the situation up I asked the jerk how he was able to gain access to my account in the first place. He basically went on to describe how he collected my information in a social engineering way.

He used WHOIS records to get his first start on collecting my information. Obviously I made a huge mistake by not adding privacy to my domain names in the first place. I strongly recommend you add privacy to your domains if you have not. (Besides, it can be cheap too). Now after he had the information gathered from my WHOIS records he then set out to contact businesses that he surmised I would be involved with. He would then pose as an employee from another branch of that business, state that his computers were down and that he was trying to pull up some more information on me. He would then give the limited amount of information he had from my WHOIS records to sound more legitimate in an attempt to obtain more pieces of my personal info.

After doing this over and over he had all that he needed. He then used the collected information to gain access to my GoDaddy account and change my admin email address. During the process, if he ever encountered a business that would not give him the info that he needed, he would simply hang up and call another branch. He stated “There is always someone dumb enough to give out your information if you sound convincing enough on the phone.” The way he avoided detection was by masking his whereabouts by making all of his phone calls through Skype. Apparently he had done this numerous times before and even told me that certain call centers for some global businesses in other parts of the world don’t ask as many security questions so he’d often turn to them first.
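An added example, not part of the original post: a small audit to run over the WHOIS output of your own domains, listing which contact fields are published in clear, since those are the details the caller described above recited to sound legitimate. The sample records, the field list and the masking markers are constructed assumptions, not data from this story.

```python
import re

# Contact fields a caller could recite to a help desk to sound legitimate.
SENSITIVE = re.compile(
    r"^(Registrant|Admin|Tech) (Name|Organization|Street|City|Phone|Email)$", re.I)
# Assumed markers of a privacy/proxy service or a redacted value.
MASKED = re.compile(r"redacted|privacy|proxy|private|withheld", re.I)

# Constructed sample records (not real WHOIS data).
EXPOSED_SAMPLE = """\
Domain Name: example-forum.test
Registrant Name: Pat Example
Registrant Street: 100 Sample Ave
Registrant City: Springfield
Registrant Phone: +1.5555550100
Registrant Email: pat@example-forum.test
Admin Name: Pat Example
Admin Email: REDACTED FOR PRIVACY
"""
PRIVATE_SAMPLE = """\
Domain Name: example-forum.test
Registrant Name: Registration Private
Registrant Organization: Example Proxy Service LLC
Registrant Phone: +1.5555550199
Registrant Email: example-forum.test@proxy.example
"""

def exposed_fields(whois_text):
    """Map each contact role to the sensitive fields published in clear."""
    by_role = {}
    for line in whois_text.splitlines():
        key, sep, value = line.strip().partition(":")
        m = SENSITIVE.match(key.strip())
        if m and sep and value.strip():
            by_role.setdefault(m.group(1).title(), {})[m.group(2).title()] = value.strip()
    report = {}
    for role, fields in by_role.items():
        identity = fields.get("Name", "") + " " + fields.get("Organization", "")
        if MASKED.search(identity):
            continue  # whole contact is fronted by a privacy/proxy service
        clear = sorted(f for f, v in fields.items() if not MASKED.search(v))
        if clear:
            report[role] = clear
    return report

if __name__ == "__main__":
    print("exposed:", exposed_fields(EXPOSED_SAMPLE))
    print("private:", exposed_fields(PRIVATE_SAMPLE))
```

Feed it the text your registrar's WHOIS lookup returns for each domain you own; an empty result means no listed contact field is readable without going through the privacy service.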

Wrapping It Up

I didn’t have enough info about the jerk to ever turn him in or do anything about it; in fact, I never even heard his real name. However, I have learned a valuable lesson about protecting your personal information from this relatively new form of criminal behavior. I know I’ve said this several times in this post but it’s very important that you add private registration to your domain names as a first line of defense. Be sure to subscribe to my RSS feed so that you don’t miss out on my next post on how to further secure your personal info.

Does anyone else have a horror story out there as well? Fortunately mine ended well, but it could have been much worse.

You know, that kind of behavior borders on psychotic. You’ve dealt with a real Criminal Mind there. What a dick. The internet is still the WILD, WILD WEST. With messed up people like that hiding behind IP addresses, anything could happen.

Makes you think… wouldn’t it be cool if you could somehow make someone’s computer BLOW UP… ya know… by connecting to their IP and putting 1.3 Gigawatts down the line at the right time. Shoot them back to 1965 in an alternative reality where they’re a car washer or something!

Wow! I use private reg for most of my domains but this is crazy. Being an info security guy, I know how well social engineering works…it’s pretty scary because folks will give up the keys to the kingdom for next to nothing!

Wow, this is a fantastic story. It also happened to the webmaster of a famous Spanish forum, ba-k.com: he lost everything with GoDaddy but he was finally able to recover it all. I will do a review of your story in my Spanish blog. Bye!

Such cases are becoming more frequent. It’s not something new, but every time I hear such stories I get worried. Adding private registration to our domain names is the only safer alternative to protect our websites from such jerks who can worsen things for us.